Manager - Information Security Risk Management- BISO

We are the leading source of intelligent information for the world's businesses and professionals, providing customers with competitive advantage. Intelligent information is a unique synthesis of human intelligence, industry expertise and innovative technology that provides decision-makers with the knowledge to act, enabling them to make better decisions faster. We deliver this must-have insight to the financial and risk, legal, tax and accounting and media markets, powered by the world's most trusted news organization.

Business Title: Manager,Information Security Risk Management

Location: UK (Nottingham or London)

Thomson Reuter's Information Security & Risk Management (ISRM) team is seeking a Manager of Information Security Risk Management to provide technical leadership for Reuters News, Enterprise Business Systems (EBS) and Business Enabling Functions. The Manager will report to the Business Information Security Officer (BISO) for these areas and is responsible for partnering with the business to define and implement an information security strategy that supports the businesses goals and objectives.

This individual will have a strong information security background and have a good understanding of customer, regulatory and business requirements. The candidate must be able to demonstrate relevant experience in a complex global organisation and be able to manage a global team. Strong coordination skills are essential due to the multiple stakeholders that this role partners with. These groups include IT functions in the CIO and CTO organizations and corporate functions such as HR and Finance, and shared security services. The candidate must also have direct experience and effectiveness communicating across all tiers of the organization from technologists to the 'C' suite.

Essential Responsibilities:

  • ISRM relationship management with Reuters, EBS and Business Enabling Functions
  • To build effective relationships and communications with cross functional teams including key stakeholder groups
  • Manage issues, track remediation and register risks in partnership with the business units and ISRM
  • Support the development of business unit scorecards to report compliance and risk metrics to drive change
  • Tracking and reporting on key information security priorities such as compliance of applications to the information security policy, patching of applications and critical supporting infrastructure, and vulnerability management.
  • Governance of penetration testing, application assurance, application certification and awareness programs with the business to address security vulnerabilities identified in applications and infrastructure
  • Collaborate with the security architects to discuss potential solutions supporting the business strategy
  • Facilitates engagements to identify projects that enable business development while ensuring the necessary security controls are in place
  • Drives service level agreements as needed with stakeholder groups
  • Act as an escalation point for vendor risk assessment results on vendors being used by EBS, Reuters News, and Enabling Functions.
  • Proactively work with other BISO teams to share knowledge of initiatives in EBS and Enabling functions that have a security impact on the CTO BU teams.

Essential Skills and Experience:

  • Must possess strong verbal & written communication skills
  • Experience of technology leadership with breadth across information security
  • Be a team player able to work effectively at all levels of an organization with the ability to communicate design rationale and influence others to move toward consensus
  • Experience with developing security standards and educational cross-functional training
  • Knowledge of industry wide information security frameworks including ISO 27001/2 and NIST
  • Strong critical thinking and group facilitation skills
  • Must be a strong cross-functional team player with ability to influence others in a matrix structure, across time zone and national boundaries
  • Familiarity with a variety of application security architectures and supporting infrastructure such as networking, identity and access management, and cloud security.
  • Extensive information security experience
  • Must have unrestricted authorization to work in the in the United Kingdom
  • Must submit to a background investigation, including verification of past employment, criminal history and educational background

Desired Skills and Experience:

  • Certified Information Systems Security Professional (CISSP)
  • Certified Information Security Manager (CISM)


  • Bachelor's degree in Information Technology related area

At Thomson Reuters, we believe what we do matters. We are passionate about our work, inspired by the impact it has on our business and our customers. As a team, we believe in winning as one - collaborating to reach shared goals, and developing through challenging and meaningful experiences. With over 50,000 employees in more than 100 countries, we work flexibly across boundaries and realize innovations that help shape industries around the world. Making this happen is a dynamic, evolving process, and we count on each employee to be a catalyst in driving our performance - and their own.

As a global business, we rely on diversity of culture and thought to deliver on our goals. To ensure we can do that, we seek talented, qualified employees in all our operations around the world regardless of race, colour, sex/gender, including pregnancy, gender identity and expression, national origin, religion, sexual orientation, disability, age, marital status, citizen status, veteran status, or any other protected classification under country or local law. Thomson Reuters is proud to be an Equal Employment Opportunity/Affirmative Action Employer providing a drug-free workplace.

Intrigued by a challenge as large and fascinating as the world itself? Come join us.

To learn more about what we offer, please visit

More information about Thomson Reuters can be found on

Meet Some of Thomson Reuters's Employees

Stephanie B.

Producer, Facebook Live

Stephanie creates innovative video copy for live Facebook feeds, working with reporters right in the office, as well as those stationed all around the world.

Catherine N.

Energy Markets Reporter

Catherine follows the fluctuating trends of the oil industry, reporting on market changes and issues in ways that are easily understandable to those who aren’t completely familiar with the field.

Back to top